Maxime Rainville
98926e4e6c
[CVE-2019-19326] Stop honouring X-HTTP-Method-Override header, X-Original-Url header and _method POST variable. Add SS_HTTPRequest::setHttpMethod().
2020-07-14 13:25:55 +12:00
Daniel Hensby
5f48b3e5d2
FIX txt/json is not a valid content type
2018-08-13 12:16:42 +01:00
Sam Minnee
fa7f1954be
Fix test to match
2018-07-04 15:56:47 +12:00
Daniel Hensby
2b4954035f
NEW Add better HTTP cache-control manipulation ( #8086 )
2018-06-08 11:56:31 +12:00
Daniel Hensby
7897b3bb25
Merge branch '3.6' into 3
2017-12-14 15:31:51 +00:00
Daniel Hensby
81150c5922
FIX Use PHP 5.3 array syntax
2017-12-14 15:24:53 +00:00
Damian Mooyman
50aa1f22a6
Merge branch '3.6' into 3
2017-12-07 13:20:58 +13:00
Damian Mooyman
25e276cf37
[ss-2017-006] Fix user agent invalidation on session startup
2017-12-01 10:55:00 +13:00
Daniel Hensby
fd201bc71b
Merge branch '3.6' into 3
2017-11-25 16:18:46 +00:00
Daniel Hensby
3d3096485b
TEST Uppercase file extensions return correct mime type
2017-11-16 11:01:25 +00:00
Daniel Hensby
66456138e7
Merge branch '3.6' into 3
2017-05-26 14:58:16 +01:00
Daniel Hensby
24a768ae14
Merge branch '3.4' into 3.5
2017-05-26 14:57:15 +01:00
Daniel Hensby
85f0650796
Remove unnecessary nesting of config/injector in tests
2017-05-24 16:05:39 +01:00
Ben Speakman
27bca14f86
Test for getExtension()
2017-05-08 17:22:50 +12:00
Andrew Aitken-Fincham
ad0d68d133
add IPUtils.php to control and implement symfony IpUtils ( #6062 )
2016-09-26 12:44:55 +13:00
Daniel Hensby
679185514d
Merge 3.3 into 3
...
Conflicts:
admin/css/screen.css.map
2016-04-26 00:24:59 +01:00
Daniel Hensby
745faebd81
Merge 3.2 into 3.3
...
Conflicts:
.travis.yml
2016-04-26 00:17:09 +01:00
Daniel Hensby
a0812f987a
Merge 3.1 into 3.2
...
Conflicts:
admin/javascript/LeftAndMain.js
control/HTTPRequest.php
docs/en/00_Getting_Started/00_Server_Requirements.md
2016-04-26 00:09:33 +01:00
Daniel Hensby
817b836870
FIX getIP from behind a load-balancer that adds many IPs to the header
2016-03-01 21:07:48 +00:00
Sam Minnee
3ee8f505b7
MINORE: Remove training whitespace.
...
The main benefit of this is so that authors who make use of
.editorconfig don't end up with whitespace changes in their PRs.
Spaces vs. tabs has been left alone, although that could do with a
tidy-up in SS4 after the switch to PSR-1/2.
The command used was this:
for match in '*.ss' '*.css' '*.scss' '*.html' '*.yml' '*.php' '*.js' '*.csv' '*.inc' '*.php5'; do
find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" -exec sed -E -i '' 's/[[:space:]]+$//' {} \+
find . -path ./thirdparty -not -prune -o -path ./admin/thirdparty -not -prune -o -type f -name "$match" | xargs perl -pi -e 's/ +$//'
done
2016-01-07 10:15:54 +13:00
Marcus Nyeholt
fc5e584201
Format for SS3 using tabs instead of spaces
2015-12-08 15:19:24 +11:00
Marcus Nyeholt
f7c270a3ba
NEW Use Config for determining Vary header
...
Existing implementation hardcodes the Vary header; swap to using Config layer
instead
Added test for changing the variable from config
2015-12-02 10:28:24 +11:00
Patrick Nelson
f192a6ecaf
FIX #4392 : Ensure headers are checked first before being clobbered by globally maintained state. Also ensuring tests utilize separate responses for isolation.
2015-10-09 13:50:33 -04:00
Damian Mooyman
309ac0d196
Merge remote-tracking branch 'origin/3.1' into 3.2
...
Conflicts:
.travis.yml
admin/code/CMSProfileController.php
admin/tests/LeftAndMainTest.php
control/HTTP.php
security/Permission.php
tests/forms/FormTest.php
tests/model/ArrayListTest.php
tests/security/PermissionTest.php
2015-09-09 14:35:29 +12:00
Daniel Hensby
2d4b743090
FIX Members can access their own profiles in CMS
2015-08-26 15:47:51 +01:00
Loz Calver
99a8a81e9a
Fix issues with tests and "subfolder" URLs
2015-08-25 11:49:01 +12:00
Damian Mooyman
1532eeb69e
Merge pull request #4459 from kinglozzer/test-path-fixes
...
Fix issues with tests and "subfolder" URLs
2015-07-31 21:16:46 +12:00
Loz Calver
1aa5d7314c
Fix issues with tests and "subfolder" URLs
2015-07-31 09:42:35 +01:00
Loz Calver
20a66136e6
Merge pull request #4403 from tractorcow/pulls/3.2/disable-deprecation
...
API Disable deprecation notices by default
2015-07-23 14:23:41 +01:00
Damian Mooyman
914d734df0
API Disable deprecation notices by default
2015-07-16 09:56:47 +12:00
Daniel Hensby
33d93c2a31
Fixing issues with HTTP cache control
2015-06-29 22:16:02 +01:00
Damian Mooyman
1d122803cc
Merge remote-tracking branch 'origin/3.1' into 3.2
...
Conflicts:
dev/SapphireTest.php
docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
forms/DatetimeField.php
forms/NullableField.php
forms/NumericField.php
forms/gridfield/GridField.php
tests/control/DirectorTest.php
tests/model/DataObjectSchemaGenerationTest.php
tests/model/MySQLDatabaseTest.php
2015-06-19 10:48:07 +12:00
Damian Mooyman
78a3f703f2
Merge pull request #4178 from dhensby/pulls/cookie-name-normalisation
...
NEW Cookie names with dots are now handled more gracefully
2015-06-15 11:35:39 +12:00
Daniel Hensby
3ee5b24898
Nest and unnest Config and Controller for each test and test suite
2015-06-11 16:37:25 +01:00
Damian Mooyman
8331171f2c
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
.scrutinizer.yml
admin/javascript/LeftAndMain.Panel.js
core/startup/ParameterConfirmationToken.php
dev/Debug.php
dev/FixtureBlueprint.php
docs/en/00_Getting_Started/05_Coding_Conventions.md
docs/en/00_Getting_Started/index.md
docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
filesystem/File.php
filesystem/Folder.php
forms/FieldList.php
forms/LabelField.php
forms/MoneyField.php
forms/TextField.php
forms/TreeDropdownField.php
forms/Validator.php
forms/gridfield/GridField.php
forms/gridfield/GridFieldExportButton.php
lang/de.yml
lang/fi.yml
model/DataObject.php
model/SQLQuery.php
parsers/ShortcodeParser.php
security/ChangePasswordForm.php
security/Security.php
tests/control/DirectorTest.php
tests/core/startup/ParameterConfirmationTokenTest.php
tests/dev/FixtureBlueprintTest.php
tests/forms/FieldListTest.php
tests/forms/MoneyFieldTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
2015-06-02 19:13:38 +12:00
Ingo Schommer
dac1b5818b
Merge pull request #4217 from tractorcow/pulls/3.1/fix-directortest
...
BUG Fix DirectorTest failing when run with sake
2015-06-01 17:34:26 +12:00
Damian Mooyman
0a8f328947
Fix merge / test regressions
2015-05-28 16:59:05 +12:00
Damian Mooyman
e0710ae4e4
BUG Fix DirectorTest failing when run with sake
2015-05-22 14:48:35 +12:00
Daniel Hensby
ce5a8f2b41
NEW Cookie names with dots are now handled more gracefully
2015-05-12 10:49:58 +01:00
Damian Mooyman
43f49e8434
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
admin/code/ModelAdmin.php
control/Director.php
model/SQLQuery.php
security/Member.php
tests/control/HTTPTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
tests/view/SSViewerTest.php
2015-03-31 19:54:15 +13:00
Daniel Hensby
f568052044
Testing empty absolute urls and more thorough tests
2015-03-13 13:56:14 +00:00
Damian Mooyman
0b1f297873
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
.travis.yml
README.md
admin/code/LeftAndMain.php
admin/css/screen.css
admin/scss/screen.scss
api/RestfulService.php
conf/ConfigureFromEnv.php
control/injector/ServiceConfigurationLocator.php
control/injector/SilverStripeServiceConfigurationLocator.php
core/ClassInfo.php
core/Object.php
css/AssetUploadField.css
css/ComplexTableField_popup.css
dev/CSSContentParser.php
dev/DevelopmentAdmin.php
docs/en/changelogs/index.md
docs/en/misc/contributing/code.md
docs/en/reference/execution-pipeline.md
filesystem/GD.php
filesystem/ImagickBackend.php
filesystem/Upload.php
forms/Form.php
forms/FormField.php
forms/HtmlEditorConfig.php
forms/gridfield/GridFieldDetailForm.php
forms/gridfield/GridFieldSortableHeader.php
lang/en.yml
model/Aggregate.php
model/DataList.php
model/DataObject.php
model/DataQuery.php
model/Image.php
model/MySQLDatabase.php
model/SQLQuery.php
model/fieldtypes/HTMLText.php
model/fieldtypes/Text.php
scss/AssetUploadField.scss
search/filters/SearchFilter.php
security/Authenticator.php
security/LoginForm.php
security/Member.php
security/MemberAuthenticator.php
security/MemberLoginForm.php
security/Security.php
tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
tests/control/HTTPTest.php
tests/control/RequestHandlingTest.php
tests/filesystem/UploadTest.php
tests/forms/FormTest.php
tests/forms/NumericFieldTest.php
tests/model/DataListTest.php
tests/model/DataObjectTest.php
tests/model/TextTest.php
tests/security/MemberAuthenticatorTest.php
tests/security/SecurityDefaultAdminTest.php
tests/view/SSViewerCacheBlockTest.php
tests/view/SSViewerTest.php
2014-11-18 12:45:54 +13:00
Stevie Mayhew
41ea83b337
FEATURE: add validation to form field subclasses
2014-11-17 08:17:38 +13:00
Loz Calver
97170dd42d
Better tests for SSViewer::flush & Flushable
2014-10-13 09:44:14 +01:00
Damian Mooyman
1e612607aa
Suggested improvements / test case fixes
2014-10-10 09:28:11 +13:00
Daniel Hensby
3b9056fc01
NEW Cookie_Backend for managing cookie state
...
I've decoupled `Cookie` from the actual act of setting and getting
cookies. Currently there are a few limitations to how Cookie works that
this change mitigates:
0. `Cookie` currently changes the super global `$_COOKIE` when setting
to make the state of an application a bit more managable, but this is
bad because we shouldn't be modifying super globals
0. One can't actually change the `$cookie_class` once the
`Cookie::$inst` has been instantiated
0. One can't test cookies as there is no class that holds the state of
the cookies (it's just held in the super global which is reset as part
of `Director::test()`
0. One can't tell the origin of a cookie (eg: did the application set it
and it needs to be sent, or did we receive it from the browser?)
0. `time()` was used, so testing was made difficult
0. There was no way to get all the cookies at once (without accessing
the super global)
Todos are on the phpdoc and I'd like to write some tests for the backend
as well as update the docs (if there are any) around cookies.
DOCS Adding `Cookie` docs
Explains basic usage of `Cookie` as well as how the `Cookie_Backend`
controls the setting and getting of cookies and manages state of sent vs
received cookies
Fixing `Cookie` usage
`Cookie` is being used inconsistently with the API throughout framework.
Either by not using `force_expiry` to expire cookies or setting them to
null and then expiring them (which is redundant).
NEW `Director::test()` takes `Cookie_Backend` rather than `array` for `$cookies` param
2014-10-06 17:44:51 +13:00
Sean Harvey
8063b349c8
BUG Fixing Director::test() failing on BASE_URL prefixed URLs
...
Example: you have a site in a sub-directory off the webroot, you call
->Link() on a SiteTree record, which returns "/[sitedir]/my-page", and
you pass this URL to Director::test(). It's a valid URL, but
Director::test() will throw a 404.
Director::test() should be ensuring that all URLs passed to it are
properly made relative, not just in the case where it thinks the URL
is absolute.
2014-08-22 15:21:53 +12:00
Damian Mooyman
eb069e605d
Remove all redundant whitespace
2014-08-19 09:17:15 +12:00
Mateusz Uzdowski
8bf3853887
Merge remote-tracking branch 'origin/3.1'
...
Conflicts:
docs/en/misc/contributing/issues.md
docs/en/reference/uploadfield.md
forms/HtmlEditorField.php
i18n/i18n.php
javascript/HtmlEditorField.js
model/DB.php
model/Image.php
model/SQLQuery.php
2014-08-14 09:08:26 +12:00
Damian Mooyman
a89dbd29e1
Revert #3345 #3323
2014-07-31 17:05:57 +12:00